Aruba Mobile First Platform: An Introduction to ArubaOS 8 Clustering

Aruba Mobile First Platform:
An Introduction ArubaOS 8
Nick Walters
EMEA Product Manager, Enterprise Wireless Networking
October 20th, 2016

2
Agenda
• Aruba OS 8 New Architecture
• Product Portfolio Controller comparison
• Controller Modes comparison
• ArubaOS 6.X v’s 8.X
• Zero Touch Provisioning and
Hierarchical Configuration introduction
• Features & Functionality
• VMM only
• MM scalability
• General for 8.0 Enhancements
• Clustering & MultiZone specifics
• Upgrading & Roadmap

3
Aruba OS 8.0.X Release Deliverables
Launch of New Architecture
• Mobility Master (on x86 VMware, and x86 H/W in 8.1) – Control-plane only
• Traditional H/W Controllers (70xx, 72xx) if set in Master Controller Mode have capped feature set
• Virtual Mobility Controller (on x86 VMware managed by MM in 8.0.1) – Control & Data-plane
Aruba OS 8.0
Mobility Master VMC
Firewall throughput
of ~5 Gbps

4
Evolution of Deployment Models
Master Controllers
Local Controllers
Mobility Master
Local Mobility
Controller Cluster
Mobility Master
Virtual Mobility
Controller
6.x 8.0 8.x

5
Product Portfolio
Controller SKU Evolution
7005 & 7008
16 APs/1K Users
2 Gbps Firewall
7010
32 APs/2K Users
12 POE Ports
4 Gbps Firewall
7030
64 APs/4K Users
8 Gbps Firewall
7210
512 CAP/512 RAP
16K Users
20 Gbps Firewall
7205
256 APs/8K Users
12 Gbps Firewall
7220
1024 CAP/1024 RAP
24K Users
40 Gbps Firewall
7240
2048 CAP/2048 RAP
32K Users
40 Gbps Firewall
7024
32 APs/2K Users
24 POE Ports
4 Gbps Firewall
MC-VA-50
50 APs/4K Users
MC-VA-250
250 APs/8K Users
MM-VA-500
500 Devices/5K Users
MM-VA-5K
5K Devices/
50K Users
MC-VA-1000
1000 APs/24K Users
MM-VA-1K
1K Devices/10K Users
VM-VA-10K
10K Devices/
100K Users
MM-HW-5K
5K Devices/
50K Users
MM-HW-10K
10K Devices/
100K Users
MM-HW-1K
1K Devices/
10K Users

6
Controller Modes
6.X v’s 8.X Code Base

7
Summary
6.X Code base
1
A controller in Master mode can partially manage configuration for a
local and fully manage a branch controller
2
3
4
All controllers support Master, Local and Standalone mode. 70xx
support the additional Branch mode
A controller in Local mode depends on partial configuration from its
Master
A controller in Branch mode is capable of Zero Touch deployment and
is fully managed by the master controller (Needs to be 72xx as Master)

8
Architecture
6.x based Topology
INTERNET
Headquarter
Brand Office
Headquarter
Branch
Master/Master-Standby
Local Local
DMZ

9
Architecture
8.0 based Topology
INTERNET
Headquarter
Brand Office
Headquarter
Branch
Local Local
DMZ
Mobility Master/Standby

10
MC/MN MC/MN
MC/MN
Architecture
8.0 based Topology
INTERNET
Headquarter
Brand Office
Headquarter
DMZ
MC/MN
VPNC

11
Summary
8.0 Code base
1
Introduces VM based Mobility Master (MM) as a single point of
configuration and image management
2
3
4 All 72xx/70xx Controllers can be setup as a MC/MN or standalone
Introduces Mobility Controller or Managed Node which is completely
managed by MM using Zero Touch Provisioning unlike 6.x Master-Local
The MM can only be a VM and not a controller

12
Summary Controller Modes
6.X vs 8.0
Introduces Mobility Controller or Managed Node which is completely
managed by MM using Zero Touch Provisioning unlike 6.x Master-Local
The MM can only be a VM and not a controller
AOS 6.x AOS 8.0
Master Controller Mobility Master (only on VM)
Standalone Standalone (only on Hardware or VMC)
Local Mobility Controller (or Managed Device)
Branch Mobility Controller (or Managed Device)

13
Zero Touch and Hierarchical Configuration
8.0

14
Zero Touch Provisioning for all Controllers
8.0 Code
MC/MN MC/MN
Mobility Master/StandbyHeadquarter
1 All Controllers support ZTP with the
aid of DHCP Options or Activate
2 Mobility Master manages full
configuration of devices
3 In a large deployment there is a single
touch point in the form of MM

15
Hierarchical Configuration Model
8.0 Code
wlan ssid-profile "abc-
ssid_prof"
essid "abc"
opmode wpa2-aes
a-basic-rates 12 24
a-tx-rates 12 24 36 48 54
g-basic-rates 12 24
g-tx-rates 12 24 36 48 54
ht-ssid-profile "abc-
htssid_prof"
g-beacon-rate 12
a-beacon-rate 12
!
interface gigabitethernet 0/0/0
description "GE0/0/0"
shutdown
trusted
trusted vlan 1-4094
!
Mobility Controller Config
MC/MN MC/MN

16
Device 03Device 02Device 01
Building
1341
Building
1322
Building
1344
Aruba
Sunnyvale
md
mynode
mm
/
Hierarchical Configuration Model
Configuration Model Core Architecture
MC/MN MC/MN

17
Hierarchical Configuration
GUI Snapshot – mm (System Group)
Device 03Device 02Device 01
Building
1341
Building
1322
Building
1344
Aruba
Sunnyvale
md
mynode
mm
/

18
Features & Functionality
8.0

19
Aruba OS 8.0 Improved reliability and ease of operations with
virtualization Key Software Features for MM
• Controller Clustering – Hitless Client Failover, seamless roaming, automatic
user load balancing without disruption to real-time voice & video apps
• MultiZone – Secure Multi-tenant SSIDs on one AP with different end-point
controller
• AirMatch – Centralized RF automation, learns & adapts RF environment for
clients optimizing throughput
• NorthBound API – seamless integration with 3rd party Apps providing
Network intelligence insights
• AppRF Enhancements – Custom App definition & Categorization, prioritizes
App traffic, enforces policy per user/device/location
• Enhanced Master Functionality – New WebUI, Hierarchical configuration
(global & local), Multi-version AOS8.x support
• Simplified Device Deployment – Provisioning with “Activate” & Zero Touch
Deployment of VMC, Mobility (BOC & Local) Controllers
• Loadable Service Modules – In-service upgrades
(AirGroup/AppRF/WebCC/WMS/Clarity/UCC/Lync)

20
Aruba OS 8.0 General Feature Enhancements
• Zero touch deployment
• Hierarchical configuration (global/local)
• New Web UI
• Centralized visibility and monitoring
• Centralized licensing with pools
• Config auto roll back
• WebCC Proxy
• Multi-threaded CLI
• Auto-completion of profiles in CLI
• Profile name tab completion
• Better trouble shooting with RAP health check
• WAN Link bonding and load balancing
Ease of use and simple deployment
Branch enhancement
• Jabber support
• Skype SDN API scaling for giant networks
• Heuristics and SDN APIs coexisting for better
user experience
• Prioritize multiple voice application at the same
time with Multi-ALG support
UCC enhancement
• Custom app definitions and categories
• Update signatures like antivirus definitions
AppRF enhancement
• IKE fragmentation support
• IPsec over IPV6
Enhanced security

21
Aruba OS 8.0.x
• Runs on a Virtual Machine and deployed as OVA
• Support only on VMware ESXi or KVM Hypervisor
• VMware 5.1, 5.5, 6.0 with vSwitch Promiscuous mode enabled
• CPU oversubscription not support
• Rightsizing #CPUs, Memory, Disk based on the Scale
• Bare Minimum of: 2 NIC (up to 4); 3 vCPUs; 8GB RAM (16GB
preferred); 60GB Disk Space; QuadCore i5 1.9GHz processor
with hyper-threading
Scale
• Supports up to
• 1000 Mobility Controllers (Managed Devices)
• 10K AP Deployment
• 100K Clients
• AP Termination not supported (Control Plane Only)
• Full Scale needs a dedicated VM capacity of up to
• 16 CPU Cores, 64G RAM, 2 to 4 Gig Ethernet Ports
Mobility Master Platform & Scale
Mobility Master
Local
Controller
Ease of operation for VMware
Hypervisor customers
Virtual
Mobility
Master
(VMM)
Virtual
Mobility
Controller
(VMC)
X86hardware
appliance

22
Master Controller Mode Vs Mobility Master Mode
Features Master Controller AOS 8.0.1 Mobility Master AOS 8.0
Services like UCC, AppRF, AirGroup etc. Services are distributed to local controllers Services are centralized at MM
Monitoring Distributed Centralized monitoring from MM
APIs Monitoring via Rest and ZeroMQ Monitoring via Rest and ZeroMQ; Configuration
capability
Redundancy VRRP, APFF Hitless stateful failover with controller clustering.
(VRRP, APFF also supported)
ARM Legacy Channel and TX power management
ClientMatch
AirMatch (enhancing ARM centrally)
ClientMatch
MultiZone ✔ ✔
Loadable Service Module Not Supported Upgrade services without affecting the network
ZTP ✔ ✔
Multi-version support Not Supported ✔
Auto config rollback ✔ ✔
Licensing Centralized Licensing Centralized Licensing with Pools
Configuration Centralized/Hierarchy Centralized/Hierarchy
IPFIX ✔ ✔

24
Clustering
Highlights
1 Available ONLY with Mobility Master
2 Only among Managed Devices (not
MM)
3 No License needed
MD MD
MD

25
Clustering
Highlights
1 Available ONLY with Mobility Master
2 Only among Managed Devices (not
MM)
3 No License needed
MD MD
4 CAP, RAP and Mesh AP support MD

26
Clustering
Highlights
5 72xx, 70xx and VMC supported
7210
7240
7220
72057030
7024
7010
7005
7008
VMC-50
VMC-250
VMC-1k

27
7024
Clustering
Highlights
5 72xx, 70xx and VMC supported
All Managed Devices need to run the
same software version6 7210
7240
7220
72057030
7010
7005
7008
8.0.0
8.0.1
8.0.1
8.0.1
8.0.18.0.1
8.0.1
8.0.1
8.0.1
8.0.1
8.0.1
8.0.1
8.0.1
VMC-50
VMC-250
VMC-1k

28
Clustering
Cluster Capacity
1 Up to 12 managed nodes in a cluster
when using 72xx devices
7240
7205
7220
7205
7220
7205
7210
7205
7240
7205
7240
7205

29
Clustering
Cluster Capacity
7010
7005
7030
7024

30
Clustering
Cluster Capacity
VMC-50
VMC-250
VMC-1k
when using VMC devices
VMC-1k

31
Clustering
Key Considerations
1 Clustering and HA-AP Fast Failover
mutually exclusive
2 Cluster members need to run the
same firmware version
3 Size of Cluster terminating RAPs
limited to 4
4 Mix of hardware and x86 Managed
Devices in a cluster not supported
5 Mix of 72xx and 70xx devices in a
cluster not recommended

34
Multizone AP
What is a Zone? What is a Multizone AP?
1 Collection of controllers under a single
administration domain
2 Can be a single controller or a cluster of
controllers
1 AP capable of terminating its tunnels on
controllers residing in different zones
Multi-Zone AP
Zone
Note: 6.x deployments seen as a single zone!
3-node Cluster
Primary Zone
Standalone
Data Zone

35
Multizone AP
Objectives
1 Same AP hardware
Different Controller domains
3 Air Wall between zones
2 Secured Containers for different SSIDs

36
Multizone AP
Zone Roles
1 Zone AP connects to when booting up
3 Configure multizone profile to enable
the feature
2 Full Management and configuration of
the AP features
Primary Zone

37
Multizone AP
Zone Roles
1 Secondary zone AP connects to after
receiving multizone profile
3 Tunnel mode VAP profile configuration
ONLY
2 Cannot reboot, provision or upgrade AP
image
Data Zone

38
Multizone AP
Topologies – Examples
1 Primary Zone: Standalone 1
Data Zone: Standalone 2
3
Primary Zone: 4-Node Cluster
Data Zone 1: 2-Node Cluster
Data Zone 2: Standalone
2 Primary Zone: 2-Node Cluster
Data Zone: Standalone
Standalone 1 Standalone 2
Primary Zone Data Zone
Standalone
Data Zone
2-node Cluster
Primary Zone
Standalone
Data Zone 2
2-node Cluster
Data Zone 1
4-node Cluster
Primary Zone

39
Multizone AP
Architecture
Standalone
Data Zone
3-node Cluster
Primary Zone
Multizone
profile
Primary Tunnel
Data Tunnel
Primary
ESSID
Data
ESSID

40
Multizone AP
Multizone WebUI Configuration

41
Multizone AP
Key Considerations
1 Same AOS version in all zones
2 Same AP-GROUP and AP-NAME in
Data Zones as Primary Zone
3 CPSEC is required
4 Primary and Data Zones Managed
Devices cannot run from same MM
5 AP-22x & AP-13x supported in 8.0.0
and AP-31x, -32x, & -33x in 8.0.1

42
Multizone AP
Key Considerations
6 Max of 5 zones (1 primary + 4 Data)
7 Max of 12 controllers for all zones
8 Max of 16 VAPs per radio for all zones
9 Mesh, RAP not supported

44
Upgrade at your own pace
AOS 6.x
Local Controller
AOS 8.0 Master Controller Mode AOS 8.0 Mobility Master Mode
Local Controller
Master Controller
72xx
Local Controller Local Controller
Mobility
Master
7xxx7xxx
Master Controller
72xx
7xxx7xxx
Mobility Controller Mobility Controller
7xxx/VMC7xxx/VMC
VMC/HW
VM/HW
appliance
Centralized Licensing server
runs on MM to Move license
between controllers providing
Segmentation of license pools

45
MC/MN MC/MN
Image Upgrade
Comparing 6.x vs 8.0.0
Headquarter Master/Master-Standby
Local Local
6.5.0
6.5.0 6.5.0 6.5.0
8.2.2
8.2.2 8.0.1 8.0.1

46
8.0 Roadmap
Product Availability
AOS 8.0 – Soft Launch
Mobility Master (VMware Hypervisor only )
July, 2016
AOS 8.0.1
• Master Controller Mode
• Virtual Mobility Controller (VMC)
• 310 & 330 APs
• KVM Hypervisor support
November, 2016
AOS 8.1
• HW Mobility Master (x86 HW)
• 207 & 304/305 APs
Q1, 2017
Supported Hardware (Same as AOS 6.5):
• 70xx and 72xx controllers
• Most 11n APs
• 11ac APs- All 2xx,3xx APs
Unsupported hardware (Same as AOS 6.5):
• AP-12x
• 11a/b/g APs
• 6xx/3xxx/6xxx controllers

47
ArubaOS 8.0: Key Benefits
Simplicity:
Multi-versioning, enhanced UI, campus ZTP,
user load balancing, centralized licensing
Stability:
In-service upgrades, seamless client
failover in cluster, auto config rollback
Innovation:
ClientMatch, AirMatch, MultiZone,
AirGroup, AppRF

Thank you
Contact information: nick.walters@hpe.com

49
ArubaOS 8.0: Mobility Master Architecture
Activate
• Provide provisioning info for Zero Touch Deployment
Airwave / Network Manager
• Monitoring
• Reports
• Long-term Dashboards
Mobility Master (MM)
• UI – Simplified and modernized
• Configuration
• auto roll back
• Hierarchical config
• Multi-version support
• Multi-threaded CLI
• Only one kind of controller (No more Master,
Local, Branch)
• Centralized Licensing with multiple pools
• Controller / AP Whitelist
• Services
• Inline service upgrades
• Improved scale
• AirMatch, RBCM, AppRF, AirGroup, SDN
controller, etc.
• Zero Touch Deployment
• Static, DHCP, Activate
• Controllers and APs boot without user
intervention.
• Controller Cluster
• Seamless Roaming across large campus
• Stateful User Session Failover
• User Load-Balancing
Activate
MN-1 MN-2 MN-3
AP
MN-4 MN-5 MN-6
AP
Mobility Master
(Active)
Mobility Master
(Standby)
MN-7 MN-8
AP
DMZ
MN-7 MN-8
INTERNET
KEY
Logical Connection
Sunnyvale Campus New York Campus
Dublin, IR Branch
IPSEC to DMZ
CONFIDENTIAL © Copyright 2016. Aruba, a Hewlett Packard Enterprise Company. All rights reserved.All Specifications Subject to change without notice

Aruba Mobile First Platform: An Introduction to ArubaOS 8 Clustering

Recommended

Recommended

More Related Content

What's hot

What's hot (20)

Similar to Aruba Mobile First Platform: An Introduction to ArubaOS 8 Clustering

Similar to Aruba Mobile First Platform: An Introduction to ArubaOS 8 Clustering (20)

More from Aruba, a Hewlett Packard Enterprise company

More from Aruba, a Hewlett Packard Enterprise company (18)

Recently uploaded

Recently uploaded (20)

Aruba Mobile First Platform: An Introduction to ArubaOS 8 Clustering